diff --git a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java index b56f3e951d..a4c12bc28d 100644 --- a/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java +++ b/src/main/java/org/opensearch/security/filter/SecurityRestFilter.java @@ -336,6 +336,9 @@ public void onAllowlistingSettingChanged(AllowlistingSettings allowlistingSettin * @return true if the request path matches the route */ private boolean restPathMatches(String requestPath, String handlerPath) { + // Trim leading and trailing slashes + requestPath = requestPath.replaceAll("^/+", "").replaceAll("/+$", ""); + handlerPath = handlerPath.replaceAll("^/+", "").replaceAll("/+$", ""); // Check exact match if (handlerPath.equals(requestPath)) { return true;